Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=7c7.getemplaza.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
February 01, 2026
Valid Until
May 03, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
39:EA:33:87:F9:B1:77:89:20:9F:FB:FB:FE:60:F8:28:C1:2E:72:D4:D8:81:FB:86:4C:7C:3D:4E:B6:87:41:9A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-ut3Tkg3N75hrlI4gLHjBig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
link.coffee-car.com
adarshtechnologies.in
almobeen.academy
apholtra.ch
automations.io
seed-redemption.avalaunch.app
okta.beaconforce.com
www.blaser-engineering.ch
card.bonk321.com
www.bookinminutes.com
your.boxword.app
www.broad-gifu.com
manage.caderio.com
portal.campusapp.app
canvascalculator.com
test.app.mappa.capyba.com
www.celestececchi.com
certificare-ecologica.ro
www.cgore.co.uk
chatterbeats.com
adarshhospital.co.in
www.codeservices.io
www.conectadord.com
contentsoftit.com
cubesplash.com
dailyislam.app
datailedview.com
appstaging.desidime.com
angular.dev-ptera.com
devicedb.app
discoversparq.com
www.doyumeibo.jp
administrator.dronline-clinic.com
dualines.com
auth.dynapik.com
eleaapp.com
school.ericodarmawan.com
www.exploroff.com
financeagle.com
www.framecottageoptometry.com
futuresoftcompany.com
www.gallop.kiwi
7c7.getemplaza.com
buy-or-rent.getpiggy.app
gobulldogs.org
habitboy.com
pricing.hivepass.app
www.hyla.io
ibuildproduct.com
sn.icists.org
tesseramento.igpclan.it
www.inbill.app
ioosurvey.com
link.jadiprajurit.id
links.jakob7.com
kaleidoscopeconsulting.org
kaliham.io
lewb.org
linkkader.com
app.dev.marktbox.de
mixologies.xyz
mycda.app
migrainetracker.mylinknetworks.com
www.myrentokil.com
shindanmaker.note15.jp
parkd.app
patrickbussler.de
hml.dashboard.payos.app
www.pielaco.com
bestellen.pizzaking-gelsenkirchen.de
www.plagzero.com
www.postmormon.org
prismaplatform.app
2022.procadexpo.pl
tastyburger.order.pulp.eu
www.qrify.me
rubiq.app
dev.api.runblox.io
links.sahar.media
open.safeproud.shakewell.net
www.shivbullion.in
logistica.siapco.com.mx
simplexsolver.xyz
sofascama-ak.com
cms.place.spreeloop.com
www.stealthmodegames.org
www.sulphurdentistry.com
sweetera.de
staging.syne.studio
app.taiko.studio
demo.tcat.app
www.thepour.club
storigamiclock.timetobite.com
tspsolucoes.com.br
summit.turfnft.com
vulpp.com
watersweb.xyz
viz.wiijii.co
www.wonderpoll.io
blog.ymgchi.com
Other domains in certificate